Netstat

Recently my office internet connection keep down and after few try and error on the network tools, finally we manage to solve it by upgrande the frameware for one of our gateway rounter.

But after a day, the same problem occur again and we try to analyze the traffic pass through the gateway and find out one of the PC keep try sending data to the unknow IP adress using the port of 445 (Microsoft-ds)

What is netstat?

Netstat (network statistics) is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number

How to check the port using use?

1. Go to Start -> Run -> [cmd]
2. type in [Netstat]
3. You will see the list of IP address, port number use and the status of the port
address and the state for the port

How to check the port using use by what process?

1. Go to Start -> Run -> [cmd]
2. type in [Netstat -aon]
3. You will see the list of local IP address, port number, foreign address and foreign port, status of the port, and also the Process Id
4. Copy the suspected process id
5. Open the task manager Start -> Run -> [taskmgr]
6. Go view -> Select columns -> check the PID (Process Identifier)
7. Search for the process Id that show in the netstat and do the necessary job

Netstat Screen shot – Existing computer connection status with process id